Telstra customers get DNSChanger redirection

Telstra customers who may be affected by the DNSChanger server switch off have been thrown a temporary lifeline by the telco giant.

DNSChanger servers set up by the Federal Bureau of Investigation (FBI) are due to be shut down today, with the Australian Communications and Media Authority (ACMA) estimating that 6000 Australians could lose access to the internet. DNSChanger altered computers’ Domain Name Systems server settings, allowing the rerouting of traffic in the process of translating a domain name to an IP address.

In a blog posting, Telstra chief information security officer, Glenn Chisholm, said that the company had established a temporary network solution that will redirect infected customers away from the DNSChanger servers to Telstra’s BigPond domain name system (DNS) servers so that customers can still browse the internet.

“In simple terms, this redirection overcomes the hijacking of their domain name requests by the malware and allows Telstra to respond to these queries,” wrote Chisholm.

“Once infected customers change their DNS settings to any legitimate server, whether provided by Telstra or a third party, the redirection will cease.”

The IP address ranges which are being redirected include:

85.255.112.0/20

213.109.64.0/20

64.28.176.0/20

67.210.0.0/20

93.188.160.0/21

77.67.83.0/24

He added that the redirection only applies to BigPond asymmetric digital subscriber line (ADSL), cable, wireless and fibre to the premises (FTTP) customers.

“This redirection will enable us to continue to be able to identify infected customers so we can continue to work closely with them and help them remove the malware and fix their DNS settings,” wrote Chisholm.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.